//install
composer require laravel/sanctum
// vendor
php artisan vendor:publish --provider="LaravelSanctumSanctumServiceProvider"
Broadcast::routes(['middleware' => ['auth:sanctum']]);
composer require laravel/sanctum
return $user->createToken('token-name', ['server:update'])->plainTextToken;
use AppModelsSanctumPersonalAccessToken;
use LaravelSanctumSanctum;
/**
* Bootstrap any application services.
*
* @return void
*/
public function boot()
{
Sanctum::usePersonalAccessTokenModel(PersonalAccessToken::class);
}
use IlluminateHttpRequest;
Route::middleware('auth:sanctum')->get('/user', function (Request $request) {
return $request->user();
});
axios.defaults.withCredentials = true;
use LaravelSanctumHasApiTokens;
class User extends Authenticatable
{
use HasApiTokens, HasFactory, Notifiable;
}
// Revoke all tokens...
$user->tokens()->delete();
// Revoke the token that was used to authenticate the current request...
$request->user()->currentAccessToken()->delete();
// Revoke a specific token...
$user->tokens()->where('id', $tokenId)->delete();
if ($user->tokenCan('server:update')) {
//
}
axios.get('/sanctum/csrf-cookie').then(response => {
// Login...
});
use LaravelSanctumPersonalAccessToken as SanctumPersonalAccessToken;
class PersonalAccessToken extends SanctumPersonalAccessToken
{
// ...
}
foreach ($user->tokens as $token) {
//
}
return $request->user()->id === $server->user_id &&
$request->user()->tokenCan('server:update')
'domain' => '.domain.com',